Systems of three banks have been infiltrated by hackers to create fake trade documents that may have been used to raise finance abroad or facilitate dealings in banned items. The banks are government owned and two of them are headquartered in Mumbai and one in Kolkata.
The banks in question discovered that their SWIFT systems – the global financial messaging service banks use to move millions of dollars and documents across borders every day – have been compromised to create fake documents. However, they aren’t still sure about the origin of the attack and the intention of the hackers.
It’s learnt that soon after the breaches were reported to the Reserve Bank of India, the regulator last month directed several banks to cross-check all trade documents issued over the past one year.
“The nature of the attack is unfamiliar to Indian banks. While there is no monetary loss and ransom demand as yet, there are fears that the banks’ systems have been misused. There was fraudulent duplication of trade documents like letters of credit (LC) and guarantees. These the hackers may have encashed or are planning to encash with some offshore banks. It’s also possible that hackers did not present the fake LCs to raise funds but to carry out trade of prohibited or illegal commodities,” a person familiar with the breaches told ET.
An LC, serving as a guarantee, is a letter that one bank writes to another bank (particularly in another country) to ensure payment to the supplier of goods when certain conditions are met. Besides messages for fund transfers, the SWIFT system is also used to communicate trade documents. Thus, a cyber-criminal who generates fake LC may attempt to place it with an offshore bank for finance. The Indian bank (whose system has been misused to create false LC) may later face a monetary claim when the foreign bank tries to recover the money released against an LC or guarantee.